What is koa-passport?
koa-passport is a Koa middleware that integrates Passport.js for authentication. It allows you to use various authentication strategies, manage user sessions, and protect routes in a Koa application.
What are koa-passport's main functionalities?
Authentication Strategy
This code demonstrates how to set up a local authentication strategy using koa-passport. It includes initializing the Koa app, setting up the LocalStrategy, and defining a login route.
const Koa = require('koa');
const Router = require('koa-router');
const bodyParser = require('koa-bodyparser');
const passport = require('koa-passport');
const LocalStrategy = require('passport-local').Strategy;
const app = new Koa();
const router = new Router();
passport.use(new LocalStrategy((username, password, done) => {
// Replace with your own logic
if (username === 'user' && password === 'pass') {
return done(null, { id: 1, username: 'user' });
} else {
return done(null, false);
}
}));
app.use(bodyParser());
app.use(passport.initialize());
app.use(passport.session());
router.post('/login', passport.authenticate('local', {
successRedirect: '/success',
failureRedirect: '/login'
}));
app.use(router.routes());
app.listen(3000);
Session Management
This code demonstrates how to set up session management with koa-passport. It includes initializing session middleware and defining serializeUser and deserializeUser functions.
const session = require('koa-session');
app.keys = ['your-session-secret'];
app.use(session({}, app));
passport.serializeUser((user, done) => {
done(null, user.id);
});
passport.deserializeUser((id, done) => {
// Replace with your own logic
done(null, { id: 1, username: 'user' });
});
Protecting Routes
This code demonstrates how to protect routes using koa-passport. It includes defining a protected route that requires authentication.
router.get('/protected', passport.authenticate('local', { session: false }), (ctx) => {
ctx.body = 'This is a protected route';
});
Other packages similar to koa-passport
passport
Passport.js is a popular authentication middleware for Node.js. It is framework-agnostic and can be used with Express, Koa, and other frameworks. Compared to koa-passport, Passport.js requires additional setup to integrate with Koa.
koa-auth
koa-auth is a Koa middleware for authentication. It provides a simpler API compared to koa-passport but may not support as many authentication strategies out of the box.
koa-jwt
koa-jwt is a Koa middleware for JSON Web Token (JWT) authentication. It is useful for stateless authentication and can be used in combination with other authentication strategies. Unlike koa-passport, it focuses solely on JWT.
koa-passport
Passport middleware for Koa
koa-passport version | koa version | branch |
---|
1.x | 1.x | v1.x |
2.x | 2.x | v2.x |
4.x | 2.x | master |
Migration to v3
- change
ctx.passport.*
to ctx.state.*
(e.g. ctx.passport.user
to ctx.state.user
) - don't call passport methods on
ctx.req
(e.g. use ctx.login
instead of ctx.req.login
) - update custom authentication callback arguments to
err, user, info, status
(e.g. passport.authenticate('local', function(err, user, info, status) { ... })(ctx, next)
)
Usage
const bodyParser = require('koa-bodyparser')
app.use(bodyParser())
const session = require('koa-session')
app.keys = ['secret']
app.use(session({}, app))
const passport = require('koa-passport')
app.use(passport.initialize())
app.use(passport.session())
Example Application
Passport's values and methods are exposed as follows:
app.use(async ctx => {
ctx.isAuthenticated()
ctx.isUnauthenticated()
await ctx.login()
ctx.logout()
ctx.state.user
})
License
MIT